Rattic Password database on Ubuntu 14.04 with Apache

I just installed RatticDB to replace our holey and aged password store at work.  There is very little in the way of detailed online support on how to get this going. I’ve documented the process here for anyone else who might want to get this working.

Introduction

This installation took place on a cleanly installed Ubuntu 14.04 server. Note that I use vim to edit files so change any reference to vim to your preferred editor.

Setup Process

The passwords are stored in MySQL, in an unencrypted state. The DB lives on an encrypted partition mounted on /crypt. Rattic lives in /opt/

!!NOTE!! Because the system relies on an encrypted file system, the machine will require a password before it boots up. 

Encrypted partition

I chose to store the DB on a completely separate, encrypted disk. So first add a disk to the machine. In this example, the new disk is /dev/vda.

Rattic Setup

First, install some requirements:

Now download the latest version of Rattic

Extract it into /opt/apps

Create a link

Now install the app

Create the directory for the static web files

Create a database in mysql – use whatever naming conventions you choose, make a note of the username and password for later on. I moved the database store folder to the encrypted disk i created earlier and created a simlink to it in /var/lib/mysql. This way my DB lives on the encrypted partition.

Now we create a config file for Rattic

And add the following:

Now run the follow setup commands:

Check /opt/apps/RatticWeb/conf/defaults.cfg and update timezone and any other relevant settings, i.e. timezone, mail server.

Configure Apache

I simply modified the existing default sites in apache since there will be no other hosts on this server.

Should look like this:

Then:

Add the following:

Enable both sites:

Enable some apache mods that are needed:

And finally, you should be able to access the site on https://YOURHOSTNAME.DOMAIN.COM

Conclusion

Saving your passwords in a database is always a risky proposition but is a necessary evil. I have this server installed in a virtual environment, only accessible to a limited range of internal IP addresses, with no outside access at all. I run various security enhancements on the server to limit its exposure as much as possible and I highly recommend you do the same.

27 thoughts on “Rattic Password database on Ubuntu 14.04 with Apache

        1. got this error too,

          Traceback (most recent call last):
          File “./manage.py”, line 10, in
          execute_from_command_line(sys.argv)
          File “/usr/local/lib/python2.7/dist-packages/Django-1.6-py2.7.egg/django/core/management/__init__.py”, line 399, in execute_from_command_line
          utility.execute()
          File “/usr/local/lib/python2.7/dist-packages/Django-1.6-py2.7.egg/django/core/management/__init__.py”, line 392, in execute
          self.fetch_command(subcommand).run_from_argv(self.argv)
          File “/usr/local/lib/python2.7/dist-packages/Django-1.6-py2.7.egg/django/core/management/base.py”, line 242, in run_from_argv
          self.execute(*args, **options.__dict__)
          File “/usr/local/lib/python2.7/dist-packages/Django-1.6-py2.7.egg/django/core/management/base.py”, line 285, in execute
          output = self.handle(*args, **options)
          File “/usr/local/lib/python2.7/dist-packages/South-0.8.4-py2.7.egg/south/management/commands/migrate.py”, line 87, in handle
          apps = list(migration.all_migrations())
          File “/usr/local/lib/python2.7/dist-packages/South-0.8.4-py2.7.egg/south/migration/base.py”, line 33, in all_migrations
          yield Migrations(app)
          File “/usr/local/lib/python2.7/dist-packages/South-0.8.4-py2.7.egg/south/migration/base.py”, line 64, in __call__
          self.instances[app_label] = super(MigrationsMetaclass, self).__call__(app_label_to_app_module(app_label), **kwds)
          File “/usr/local/lib/python2.7/dist-packages/South-0.8.4-py2.7.egg/south/migration/base.py”, line 90, in __init__
          self.set_application(application, force_creation, verbose_creation)
          File “/usr/local/lib/python2.7/dist-packages/South-0.8.4-py2.7.egg/south/migration/base.py”, line 154, in set_application
          module = importlib.import_module(self.migrations_module())
          File “/usr/local/lib/python2.7/dist-packages/Django-1.6-py2.7.egg/django/utils/importlib.py”, line 40, in import_module
          __import__(name)
          File “/usr/local/lib/python2.7/dist-packages/kombu-3.0.32-py2.7.egg/kombu/transport/django/migrations/__init__.py”, line 16, in
          raise ImproperlyConfigured(SOUTH_ERROR_MESSAGE)
          django.core.exceptions.ImproperlyConfigured:
          For South support, customize the SOUTH_MIGRATION_MODULES setting
          to point to the correct migrations module:

          SOUTH_MIGRATION_MODULES = {
          ‘kombu_transport_django’: ‘kombu.transport.django.south_migrations’,
          }

          1. Hi Simon,

            Got this error while typing mount /crypt

            mount: wrong fs type, bad option, bad superblock on /dev/mapper/crypt,
            missing codepage or helper program, or other error

            In some cases useful info is found in syslog – try
            dmesg | tail or so.

          2. Hi Simon, got this error message,
            mount: wrong fs type, bad option, bad superblock on /dev/mapper/crypt,
            missing codepage or helper program, or other error

            In some cases useful info is found in syslog – try
            dmesg | tail or so.

            When i checked on the dmesg,
            [961835.588845] REISERFS warning (device dm-0): sh-2021 reiserfs_fill_super: can not find reiserfs on dm-0
            [962046.383869] REISERFS warning (device dm-0): sh-2006 read_super_block: bread failed (dev dm-0, block 8, size 1024)
            [962046.383878] REISERFS warning (device dm-0): sh-2006 read_super_block: bread failed (dev dm-0, block 64, size 1024)
            [962046.383881] REISERFS warning (device dm-0): sh-2021 reiserfs_fill_super: can not find reiserfs on dm-0
            [962835.552648] REISERFS warning (device dm-0): sh-2006 read_super_block: bread failed (dev dm-0, block 8, size 1024)
            [962835.552656] REISERFS warning (device dm-0): sh-2006 read_super_block: bread failed (dev dm-0, block 64, size 1024)
            [962835.552658] REISERFS warning (device dm-0): sh-2021 reiserfs_fill_super: can not find reiserfs on dm-0
            [963014.543250] EXT4-fs (dm-0): unable to read superblock
            [963014.543313] EXT4-fs (dm-0): unable to read superblock
            [963014.543353] EXT4-fs (dm-0): unable to read superblock

            I don’t know what to do next.

            Please advise.

            Thanks.

  1. Hi, was able to figure it out.
    I have a question, are these files found in RatticWeb? Or should i create them.
    1. /opt/apps/RatticWeb/static/styles/$1
    2. /opt/apps/RatticWeb/media

    Thanks for your answers.

        1. I just did a search for the default Rattic logo:

          me@rattic:/var/www/html$ locate rattic_logo_normal.svg
          /opt/apps/RatticWeb-1.3.1/ratticweb/static/rattic/img/rattic_logo_normal.svg
          /opt/apps/RatticWeb-1.3.1/static/rattic/img/rattic_logo_normal.svg

          Anything there?

  2. Hi,
    I followed all of the above guide to install ratticdb i set my domain name as ratticdb.
    After finish all the steps i just simply entered https://ratticdb on my browser.It just simply said Unable to conncet(Problem loading page).I dont know where is the problem please help me to solve this mistake..
    my 000-default.conf page is below,
    ServerAdmin webmaster@localhost
    DocumentRoot /opt/apps/RatticWeb/staticl
    Servername ratticdb
    Redirect permanent / https://ratticdb

    1. Where did you install apache and rattic? You need to create a DNS entry for rattic DB pointing at that IP address or just use the IP address of the machine you installed on.

  3. when i use my ip adderss to hit my browser like(192.x.x.x) it just simply redirect into https://ratticdb and again said problem loading page or unable to connect..

    i installed ratticdb on /opt/apps as u above mensioned
    and apache2 in /etc folder please help me to solve this error

Leave a Reply